CN116846558A - Data encryption method, system, electronic equipment and medium based on RSA algorithm - Google Patents

Data encryption method, system, electronic equipment and medium based on RSA algorithm Download PDF

Info

Publication number
CN116846558A
CN116846558A CN202311001279.0A CN202311001279A CN116846558A CN 116846558 A CN116846558 A CN 116846558A CN 202311001279 A CN202311001279 A CN 202311001279A CN 116846558 A CN116846558 A CN 116846558A
Authority
CN
China
Prior art keywords
modulus
quality factor
data encryption
rsa algorithm
judging
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311001279.0A
Other languages
Chinese (zh)
Inventor
大卫·纳卡什
杨嘉诚
雷虹
张永欣
包子健
陈邦道
周胜平
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yunhai Chain Holdings Co ltd
Original Assignee
Yunhai Chain Holdings Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yunhai Chain Holdings Co ltd filed Critical Yunhai Chain Holdings Co ltd
Priority to CN202311001279.0A priority Critical patent/CN116846558A/en
Publication of CN116846558A publication Critical patent/CN116846558A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a data encryption method, a system, electronic equipment and a medium based on an RSA algorithm, and belongs to the technical field of data security technology. The data encryption method based on RSA algorithm comprises the following steps: if a data encryption request is received, determining target data corresponding to the data encryption request, and acquiring a modulus n of an RSA algorithm from a third-party platform; judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q; if the modulus n only has 2 quality factors which are more than 1 and less than n, judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement; and if the data meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by using the modulus n. The application can reduce the complexity of detecting the security of the modulus n and improve the execution efficiency of encrypting data by using an RSA algorithm.

Description

Data encryption method, system, electronic equipment and medium based on RSA algorithm
Technical Field
The present application relates to the field of data security technologies, and in particular, to a data encryption method, system, electronic device, and medium based on RSA algorithm.
Background
The RSA algorithm is proposed by Ron Rivest, adi Shamir, leonard Adleman, and according to the number theory, it is relatively simple to seek two large primes, but it is extremely difficult to factorize their products, so that the products can be disclosed as encryption keys. The RSA algorithm system constructs Euler theorem based on number theory, and the safety of the RSA algorithm system depends on the difficulty of large number factor decomposition. The major threat faced by RSA comes mainly from the continual increase in computing power and the continual improvement in factoring algorithms. In order to improve the security of the RSA algorithm, the selected modulus n needs to be ensured to be the product of safety prime numbers p and q with a specified size, and the security of the modulus n is usually detected by using a Cameisch-Michels protocol in the related technology, but the calculation operation of the pseudo-prime test in the protocol is more, the calculation cost is higher, and the execution efficiency is low.
Therefore, how to reduce the complexity of detecting the security of the modulus n and improve the execution efficiency of encrypting data using the RSA algorithm is a technical problem that needs to be solved by those skilled in the art.
Disclosure of Invention
The application aims to provide a data encryption method, a system, electronic equipment and a medium based on an RSA algorithm, which are used for solving the technical problem of how to reduce the complexity of detecting the security of a modulus n and improve the execution efficiency of encrypting data by using the RSA algorithm.
In order to solve the technical problems, the application provides a data encryption method based on RSA algorithm, which comprises the following steps:
if a data encryption request is received, determining target data corresponding to the data encryption request, and acquiring a modulus n of an RSA algorithm from a third-party platform;
judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q;
if the modulus n only has 2 quality factors which are more than 1 and less than n, judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement;
and if the data meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by using the modulus n.
Optionally, determining whether the modulus n has only 2 quality factors greater than 1 and less than n includes:
selecting m random values ρ from a target set i
Judging the random value rho i Whether the modulus n is twice the remainder; if yes, the random value rho is obtained i Adding the square root of (2) to the verifier set; if not, adding 0 to the verifier set;
judging whether the number of non-zero elements in the verifier set is larger than a preset number or not to obtain a first judgment result;
judging whether the modulus n is positive odd number and is not prime number or prime power to obtain a second judging result;
if the first judging result and the second judging result are both yes, judging that the modulus n only has 2 quality factors which are more than 1 and less than n;
and if the first judging result and the second judging result are not equal, judging that the modulus n does not meet the safety requirement.
Optionally, the random value ρ is reduced i Adding to the verifier set a square root of (c) comprising:
from the random value ρ i Randomly selected one of the square roots of (a) is added to the verifier set.
Optionally, in selecting m random values ρ from the target set i Before, still include:
according to statistics of safety parametersCalculating the value of m by a plurality of kappa; wherein,
correspondingly, before judging whether the number of non-zero elements in the verifier set is greater than a preset number, the method further comprises:
the preset number is set to 3m/8.
Optionally, determining whether the numerical similarity of the quality factor p and the quality factor q meets a preset requirement includes:
judging whether the digit difference or the numerical value difference between the quality factor p and the quality factor q is smaller than a preset numerical value;
if yes, judging that the numerical similarity of the quality factor p and the quality factor q meets the preset requirement;
if not, judging that the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement.
Optionally, determining whether the numerical similarity of the quality factor p and the quality factor q meets a preset requirement includes:
and judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement or not by using a GPS signature algorithm.
Optionally, the method further comprises:
and if the modulus n does not have the quality factor p and the quality factor q, or the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement, judging that the modulus n does not meet the safety requirement.
The application also provides a data encryption system based on RSA algorithm, which comprises:
the module acquisition module is used for determining target data corresponding to the data encryption request if the data encryption request is received, and acquiring a module n of an RSA algorithm from a third-party platform;
the quantity judging module is used for judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q;
the similarity judging module is used for judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement if the modulus n only has 2 quality factors which are more than 1 and less than n;
and the encryption module is used for executing data encryption operation based on RSA algorithm on the target data by utilizing the modulus n if the numerical similarity meets the preset requirement.
The application also provides a storage medium, on which a computer program is stored, which when executed implements the steps of the above described RSA algorithm-based data encryption method.
The application also provides an electronic device, which comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps executed by the data encryption method based on the RSA algorithm when calling the computer program in the memory.
The application provides a data encryption method based on RSA algorithm, comprising the following steps: if a data encryption request is received, determining target data corresponding to the data encryption request, and acquiring a modulus n of an RSA algorithm from a third-party platform; judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q; if the modulus n only has 2 quality factors which are more than 1 and less than n, judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement; and if the data meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by using the modulus n.
The application acquires the modulus n of the RSA algorithm from the third party platform after receiving the data encryption request, and judges whether the modulus n only has 2 quality factors which accord with the rule of 1 < p < n and 1 < q < n. If the modulus n only has 2 quality factors which are more than 1 and less than n, continuously judging whether the numerical similarity of the quality factors p and q meets the preset requirement, and if the numerical similarity meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by utilizing the modulus n. The application detects the safety of the modulus n from two dimensions of the quality factor number and the quality factor numerical similarity of the modulus n, and can efficiently and low-cost avoid the safety problem possibly caused by n provided by a third party. Therefore, the application can reduce the complexity of detecting the security of the modulus n and improve the execution efficiency of encrypting data by using the RSA algorithm. The application also provides a data encryption system, a storage medium and an electronic device based on RSA algorithm, which have the beneficial effects and are not repeated here.
Drawings
For a clearer description of embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described, it being apparent that the drawings in the following description are only some embodiments of the present application, and other drawings may be obtained according to the drawings without inventive effort for those skilled in the art.
FIG. 1 is a flowchart of a data encryption method based on RSA algorithm according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a data encryption system based on RSA algorithm according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Referring to fig. 1, fig. 1 is a flowchart of a data encryption method based on RSA algorithm according to an embodiment of the present application.
The specific steps may include:
s101: if a data encryption request is received, determining target data corresponding to the data encryption request, and acquiring a modulus n of an RSA algorithm from a third-party platform;
the embodiment can be applied to electronic equipment with a function of encrypting data by using an RSA algorithm, after receiving a data encryption request, target data corresponding to the data encryption request can be determined, and a module n required for encrypting the data by using the RSA algorithm can be obtained from a third party platform.
S102: judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; if yes, go to S103; if not, ending the flow;
the purpose of this step is: judging whether the modulus n provided by the third party platform only has 2 prime factors which are more than 1 and less than n, wherein the 2 prime factors comprise prime factor p and prime factor q. If the modulus n does not satisfy the condition that only 2 quality factors greater than 1 and less than n exist, the modulus n is determined to be unsafe.
S103: if the modulus n only has 2 quality factors which are more than 1 and less than n, judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement;
the step is based on that the modulus n only has 2 quality factors p and q which are more than 1 and less than n, and the similarity of the quality factors p and q can be judged. The step can judge whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement; specifically, it may be determined whether the difference in the number of bits or the difference in the number of values of the quality factor p and the quality factor q is smaller than a preset value; if yes, judging that the numerical similarity of the quality factor p and the quality factor q meets the preset requirement; if not, judging that the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement.
S104: and if the data meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by using the modulus n.
If the numerical similarity of the quality factor p and the quality factor q meets the preset requirement, the data encryption operation based on the RSA algorithm can be executed on the target data by utilizing the modulus n to obtain ciphertext data.
In this embodiment, after receiving the data encryption request, the module n of the RSA algorithm is obtained from the third party platform, and it is determined whether the module n has only 2 quality factors conforming to the rule of 1 < p < n and 1 < q < n. If the modulus n only has 2 quality factors which are more than 1 and less than n, continuously judging whether the numerical similarity of the quality factors p and q meets the preset requirement, and if the numerical similarity meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by utilizing the modulus n. According to the embodiment, the safety of the modulus n is detected from two dimensions, namely the quality factor number and the quality factor numerical similarity of the modulus n, so that the safety problem possibly caused by n provided by a third party can be effectively avoided with low cost. Therefore, the embodiment can reduce the complexity of detecting the security of the modulus n and improve the execution efficiency of encrypting data by using the RSA algorithm.
As a possible implementation manner, the present embodiment may determine the number of quality factors of the modulus n by: selecting m random values ρ from a target set i The method comprises the steps of carrying out a first treatment on the surface of the Judging the random value rho i Whether the modulus n is twice the remainder; if yes, the random value rho is obtained i Adding the square root of (2) to the verifier set; if not, adding 0 to the verifier set; judging whether the number of non-zero elements in the verifier set is larger than a preset number or not to obtain a first judgment result; judging whether the modulus n is a positive odd number or not, and judging whether the modulus n is a prime number or prime power or not to obtain a second judging result; if the first judging result and the second judging result are both yes, judging that the modulus n only has 2 quality factors which are more than 1 and less than n; and if the first judging result and the second judging result are not equal, judging that the modulus n does not meet the safety requirement. Specifically, if the modulus n is a positive odd number and the modulus n is not a prime number or prime power, the second judgment result is yes; if the modulus n is not positive odd number or the modulus n is prime number or prime power, the second judgment result is no. The target set is a subset of the set satisfying jacobian symbol 1.
In the above process, a random value ρ i There may be multiple square roots and thus from the random value ρ i Randomly selected one of the square roots of (a) is added to the verifier set.
Further, in the slaveSelecting m random values ρ from a target set i Previously, the value of m can also be calculated according to the statistical security parameter kappa; wherein,correspondingly, the preset number can also be set to 3m/8 (i.e., 0.375) m ). Statistical security parameters (statistical security parameter) refer to: the probability of an attacker to deviate from the protocol (without being discovered) while interacting online is constrained.
As a possible embodiment, the numerical similarity of the quality factors p and q may be determined by: and judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement or not by using a GPS (Girault-Poupard-Stern) signature algorithm. The GPS signature algorithm is an algorithm known in the art, and the implementation process is specifically described in paper On the Fly Authentication and Signature Schemes Based on Groups of Unknown Order.
As a possible implementation manner, if the modulus n does not have the quality factor p and the quality factor q, or the numerical similarity of the quality factor p and the quality factor q does not meet a preset requirement, the modulus n is determined to not meet a safety requirement. If the modulus n does not meet the security requirement, the data encryption request can be refused, and the encryption operation is not performed on the target data.
The flow described in the above embodiment is explained below by way of an embodiment in practical application.
In the related art, the memtisch-Michels protocol is generally used for detecting the security of the modulus n, but the calculation operation of the pseudo-nature test in the mode is more, the calculation cost is higher, the execution efficiency is low, the core of the memtisch-Michels protocol is pseudo-nature certification, and the combination of zero knowledge certification such as discrete logarithm, complex number and the like relates to more and complicated operation and communication, is not easy to understand, and the realization and security analysis of the protocol are difficult. The above-described related art is therefore computationally expensive, inefficient, and not easy to implement and analyze.
The embodiment provides an RSA modulus n security proving method, which is based on Joy08 protocol to generate parameters p, q and n, wherein p, q are not controlled by human intervention, so that the cryptographic security of p, q and n is realized, the RSA modulus n is verified by GRSB modulus test algorithm, whether the RSA modulus n has just one pair of p, q values is detected, and the GPS signature algorithm is utilized to verify whether the quality factors p, q are similar. The technical scheme of the application can efficiently and low-cost avoid the security problem possibly caused by n provided by a third party. Joy08 protocol is a protocol commonly known in the art for generating RSA algorithm parameters p, q and n, and its specific implementation can be found in paper RSA Moduli with a Predetermined Portion: techniques and Applications.
The present embodiment uses the following notation:
(a) a|b represents a and b in series, where a, b is a bit string.
(b)The space size of c, i.e. the minimum number of bits required to write c, where c is an integer, is represented.
(c)Representation->Bit all zero string.
(d)[A]The representation set 0,1, a-1,representing a collection of natural numbers.
(e)Represents uniform random sampling from X, where X is a finite set.
As a possible embodiment, the security generation method of p, q, and n is as follows:
using the Joy08 protocol, a pair of prime numbers (p, q) is generated whose product n=pq bit strings have a known fixed pattern pi (e.g., string fff..fff) to achieve (p, q) uncontrolled and thus cryptographic security of n, whose center thinks are as follows:
(1) a string x: =pi|ρ is formed, where ρ is a random string of bits.
(2) Generates a prime number p, and
(3) so that q is incremented until it is prime.
Joy08 protocol is capable of achieving bit strings of s-lengthPartially fixed pattern string N H =π:
Given length s, s 0 The bit string length |p|of kappa, prime number p 2 =s-s 0 The bit string length of prime number q |q| 2 =s 0 Fixed pattern bit string N H (the length is set to be kappa,high-order parts in the form of n-bit strings).
Bit string N L (lower part in the form of an n-bit string), RSA modulus n (the bit string length of n|n| 2 =s):|n| 2 =|pq| 2 =|N H |N L | 2
(1) Randomly selecting an integer p 0 Bit string length |p 0 | 2 =s-s 0 Definition:
(2) defining triples using recursive means (d i ,u i ,v i ),d i Representing the first auxiliary generation parameter, u i Representing a second auxiliary generation parameter, v i Representing a third auxiliary generation parameter, i=0, 1,2 … …;
(d 0 ,u 0 ,v 0 )=(p 0 ,0,1)
(d -1 ,u -1 ,v -1 )=(q 0 ,1,0)
(3) defining triples using recursive means (x i ,y i ,z i ),x i Representing the first generation parameter, y i Representing the second generation parameter, z i Representing a third generation parameter, i=0, 1,2 … …;
(x 0 ,y 0 ,z 0 )=(0,0,[N H 2 s-κ mod p 0 ]+2 s-κ-1 );
if triplet (x i ,y i ,z i ) Satisfy |z i -x i y i |<2 s-κ-1 Then add to the listIf not, the recursion definition is popped out, and the loop is aborted.
(4) From the listFind a (x) satisfying the following condition i ,y i ,z i ):
p=p 0 +x i
q=q 0 +y i
So that p, q are prime numbers. If the finding is not, returning to the step (1) to restart.
(5) Output n= (p) 0 +x i )(q 0 +y i ),N L =nmod2 s-κ . To make the prime factors p, q of n related (e.g., p-1, q+1, etc.) smooth numbersMore rarely, the modulus n which is 62% larger than the preset normal value is preferentially selected. n may be determined by satisfying additional short redundancy (e.g., SHA (n) mod2 24 =0) achieves higher security but requires greater resource overhead.
As a possible embodiment, the procedure for verifying that n has exactly two quality factors p, q is as follows:
in this embodiment, the Goldberg-Rey Zin-Sagga-Baldimtsi (GRSB) modulus test is used to verify that n has exactly two quality factors, and GRSB is an existing quality factor verification method in the field, and the specific implementation process can be seen in paper Efficient Noninteractive Certification of RSA Moduli and Beyond.
(a) The following symbols are defined:
①J n representing a set satisfying jacobian symbol 1Is a subset of the set.
②QR n Represents J n A subset of the quadratic residue components of middle pattern n.
(3) Kappa is a statistical safety parameter.
(b) GRSB modulus test protocol:
(1) prover P and verifier V both order
(2) Verifier V selects m random values ρ i ∈J n And sent to P wait for proof.
(3) Prover P examines each ρ i Whether or not it is a quadratic residue of modulo n (i.e. whether or not it belongs to QR n Satisfies the following conditionsρ i 2 modn=ρ i ) If it belongs to QR n The prover P returns ρ i Is the square root sigma of (2) i To V, whereas P returns sigma i =0 to V (P in ρ) i Of the four square roots, P randomly selects one).
(4) The verifier V verifies if n is positive odd and not prime or prime power, otherwise the protocol fails.
(5) The verifier checks if there are at least 3m/8 non-zero sigma i And each is non-zero sigma i Satisfy sigma i 2 =ρ i mod n, if so, n happens to have two quality factors, otherwise the protocol fails.
As a possible implementation, the procedure for verifying that the quality factors p, q are similar in size is as follows:
this example uses the Girault-Poupard-Stern (GPS) signature algorithm to verify that the quality factors p, q are similar in size.
The GPS algorithm consists of four parts, namely setting, key generation, signature and verification:
(a)GPS.Setup(λ)—→pp:
setting protocol common parameters (the public parameters, pp):
(1) the integers A, B, S are set.
(2) Hash function h {0,1} - [ B ].
To achieve a security level lambda. Where the security level λ is a measure of the security strength that can be achieved by an encrypted primitive (e.g. a ciphertext or a hash function), typically in bits.
(b)GPS.Keygen(pp)—→(sk,pk):
The signer selects two secure primes p, q, n=pq. Selection elementThe order satisfying g can be divided by pq (if and only if gcd (g-1, n) =gcd (g+1, n) =1),/o>And g is represented as belonging to a group. Signer private keyPublic key pk =g s
(c)GPS.Sign(pp,sk,msg)-→σ:
②x=g r modn;
③c=h(msg,x);
④y=r+c·sk;
(5) If y is greater than or equal to A, then the process returns to step (1) using the new r value and resumes.
Where msg is plaintext information, a signature σ= (x, c, y) is generated.
(d) GPS. Verify (pp, pk, msg, σ) - → { valid, invalid }, valid indicating that the validation result is valid, invalid indicating that the validation result is invalid:
verifier V checks the following range:
x>0 and x∈[n]and c∈[B]and y∈[A+(B-1)(S-1)];
if any one of the above range of check items fails, the signature is invalid, otherwise the verifier V continues to calculate:
hash output result representing (msg, x,) for the whole>And x represents a public key. If->And->Sigma is valid and vice versa.
This example utilizes testing with Joy08 protocol, GRSB modulusAlgorithm and GPS signature algorithm realize the cryptographic security of RSA modulus n and low cost modulus n bit stringPart of the operation is fixed into a specified mode string, the human intervention of a third party is prevented, the calculation operation is few, the calculation cost is low, and the execution efficiency is high. The protocol communication complexity of the embodiment is lower than that of the Camenisch-Michels protocol, the protocol is simpler and easy to understand, and the protocol is easy to realize and analyze safety.
The embodiment builds a corresponding technical scheme for proving the safety problem of the RSA modulus n based on the Joy08 protocol, the GRSB modulus test algorithm and the GPS signature algorithm, and provides a simpler and more efficient RSA modulus n safety proving method based on the number theory knowledge, so that a prover and a verifier realize the verification function with fewer operations and communications. The embodiment provides security certification for the RSA modulus n, and can be applied to the aspects of RSA encryption communication and the like.
Referring to fig. 2, fig. 2 is a schematic structural diagram of an RSA algorithm-based data encryption system according to an embodiment of the present application, where the system may include:
the module obtaining module 201 is configured to determine target data corresponding to a data encryption request if the data encryption request is received, and obtain a module n of an RSA algorithm from a third party platform;
a number determination module 202, configured to determine whether the modulus n has only 2 quality factors greater than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q;
the similarity judging module 203 is configured to judge whether the numerical similarity between the quality factor p and the quality factor q meets a preset requirement if the modulus n has only 2 quality factors greater than 1 and less than n;
and the encryption module 204 is configured to execute a data encryption operation based on an RSA algorithm on the target data by using the modulus n if the numerical similarity meets a preset requirement.
In this embodiment, after receiving the data encryption request, the module n of the RSA algorithm is obtained from the third party platform, and it is determined whether the module n has only 2 quality factors conforming to the rule of 1 < p < n and 1 < q < n. If the modulus n only has 2 quality factors which are more than 1 and less than n, continuously judging whether the numerical similarity of the quality factors p and q meets the preset requirement, and if the numerical similarity meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by utilizing the modulus n. According to the embodiment, the safety of the modulus n is detected from two dimensions, namely the quality factor number and the quality factor numerical similarity of the modulus n, so that the safety problem possibly caused by n provided by a third party can be effectively avoided with low cost. Therefore, the embodiment can reduce the complexity of detecting the security of the modulus n and improve the execution efficiency of encrypting data by using the RSA algorithm.
Further, the process of the quantity determination module 202 determining whether the modulus n has only 2 quality factors greater than 1 and less than n includes: selecting m random values ρ from a target set i The method comprises the steps of carrying out a first treatment on the surface of the Judging the random value rho i Whether the modulus n is twice the remainder; if yes, the random value rho is obtained i Adding the square root of (2) to the verifier set; if not, adding 0 to the verifier set; judging whether the number of non-zero elements in the verifier set is larger than a preset number or not to obtain a first judgment result; judging whether the modulus n is positive odd number and is not prime number or prime power to obtain a second judging result; if the first judging result and the second judging result are both yes, judging that the modulus n only has 2 quality factors which are more than 1 and less than n; and if the first judging result and the second judging result are not equal, judging that the modulus n does not meet the safety requirement.
Further, the number determination module 202 determines the random value ρ i The process of adding the square root of (2) to the verifier set includes: from the random value ρ i Randomly selected one of the square roots of (a) is added to the verifier set.
Further, in selecting m random values ρ from the target set i The quantity judgment module 202 is further configured to calculate a value of m according to the statistical security parameter κ; wherein,
accordingly, the quantity determination module 202 is further configured to set the preset quantity to 3m/8 before determining whether the quantity of non-zero elements in the verifier set is greater than the preset quantity.
Further, the process of determining whether the numerical similarity between the quality factor p and the quality factor q meets the preset requirement by the similarity determining module 203 includes: judging whether the digit difference or the numerical value difference between the quality factor p and the quality factor q is smaller than a preset numerical value; if yes, judging that the numerical similarity of the quality factor p and the quality factor q meets the preset requirement; if not, judging that the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement.
Further, the process of determining whether the numerical similarity between the quality factor p and the quality factor q meets the preset requirement by the similarity determining module 203 includes: and judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement or not by using a GPS signature algorithm.
Further, the method further comprises the following steps:
and the error reporting module is used for judging that the modulus n does not meet the safety requirement if the quality factor p and the quality factor q do not exist in the modulus n or the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement.
Since the embodiments of the system portion and the embodiments of the method portion correspond to each other, the embodiments of the system portion refer to the description of the embodiments of the method portion, which is not repeated herein.
The present application also provides a storage medium having stored thereon a computer program which, when executed, performs the steps provided by the above embodiments. The storage medium may include: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The application also provides an electronic device, which can comprise a memory and a processor, wherein the memory stores a computer program, and the processor can realize the steps provided by the embodiment when calling the computer program in the memory. Of course the electronic device may also include various network interfaces, power supplies, etc.
In the description, each embodiment is described in a progressive manner, and each embodiment is mainly described by the differences from other embodiments, so that the same similar parts among the embodiments are mutually referred. For the system disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section. It should be noted that it will be apparent to those skilled in the art that various modifications and adaptations of the application can be made without departing from the principles of the application and these modifications and adaptations are intended to be within the scope of the application as defined in the following claims.
It should also be noted that in this specification, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.

Claims (10)

1. A data encryption method based on RSA algorithm, comprising:
if a data encryption request is received, determining target data corresponding to the data encryption request, and acquiring a modulus n of an RSA algorithm from a third-party platform;
judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q;
if the modulus n only has 2 quality factors which are more than 1 and less than n, judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement;
and if the data meets the preset requirement, executing data encryption operation based on RSA algorithm on the target data by using the modulus n.
2. The RSA algorithm-based data encryption method according to claim 1, wherein determining whether the modulus n has only 2 prime factors greater than 1 and less than n comprises:
selecting m random values ρ from a target set i
Judging the random value rho i Whether the modulus n is twice the remainder; if yes, the random value rho is obtained i Adding the square root of (2) to the verifier set; if not, adding 0 to the verifier set;
judging whether the number of non-zero elements in the verifier set is larger than a preset number or not to obtain a first judgment result;
judging whether the modulus n is positive odd number and is not prime number or prime power to obtain a second judging result;
if the first judging result and the second judging result are both yes, judging that the modulus n only has 2 quality factors which are more than 1 and less than n;
and if the first judging result and the second judging result are not equal, judging that the modulus n does not meet the safety requirement.
3. The RSA algorithm-based data encryption method according to claim 2, wherein the random value ρ is i Adding to the verifier set a square root of (c) comprising:
from the random value ρ i Randomly selected one of the square roots of (a) is added to the verifier set.
4. The method for encrypting data based on RSA algorithm according to claim 2, wherein m random values ρ are selected from the target set i Before, still include:
calculating the value of m according to the statistical safety parameter kappa; wherein,
correspondingly, before judging whether the number of non-zero elements in the verifier set is greater than a preset number, the method further comprises:
the preset number is set to 3m/8.
5. The RSA algorithm-based data encryption method according to claim 1, wherein determining whether the numerical similarity of the quality factor p and the quality factor q meets a preset requirement comprises:
judging whether the digit difference or the numerical value difference between the quality factor p and the quality factor q is smaller than a preset numerical value;
if yes, judging that the numerical similarity of the quality factor p and the quality factor q meets the preset requirement;
if not, judging that the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement.
6. The RSA algorithm-based data encryption method according to claim 1, wherein determining whether the numerical similarity of the quality factor p and the quality factor q meets a preset requirement comprises:
and judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement or not by using a GPS signature algorithm.
7. The RSA algorithm-based data encryption method according to any one of claims 1 to 6, further comprising:
and if the modulus n does not have the quality factor p and the quality factor q, or the numerical similarity of the quality factor p and the quality factor q does not meet the preset requirement, judging that the modulus n does not meet the safety requirement.
8. A data encryption system based on RSA algorithm, comprising:
the module acquisition module is used for determining target data corresponding to the data encryption request if the data encryption request is received, and acquiring a module n of an RSA algorithm from a third-party platform;
the quantity judging module is used for judging whether the modulus n only has 2 quality factors which are more than 1 and less than n; wherein the 2 plasma factors include a plasma factor p and a plasma factor q;
the similarity judging module is used for judging whether the numerical similarity of the quality factor p and the quality factor q meets the preset requirement if the modulus n only has 2 quality factors which are more than 1 and less than n;
and the encryption module is used for executing data encryption operation based on RSA algorithm on the target data by utilizing the modulus n if the numerical similarity meets the preset requirement.
9. An electronic device comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the RSA algorithm-based data encryption method according to any one of claims 1 to 7 when the computer program in the memory is invoked by the processor.
10. A storage medium having stored therein computer executable instructions which when loaded and executed by a processor implement the steps of the RSA algorithm-based data encryption method according to any one of claims 1 to 7.
CN202311001279.0A 2023-08-09 2023-08-09 Data encryption method, system, electronic equipment and medium based on RSA algorithm Pending CN116846558A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311001279.0A CN116846558A (en) 2023-08-09 2023-08-09 Data encryption method, system, electronic equipment and medium based on RSA algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311001279.0A CN116846558A (en) 2023-08-09 2023-08-09 Data encryption method, system, electronic equipment and medium based on RSA algorithm

Publications (1)

Publication Number Publication Date
CN116846558A true CN116846558A (en) 2023-10-03

Family

ID=88167328

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311001279.0A Pending CN116846558A (en) 2023-08-09 2023-08-09 Data encryption method, system, electronic equipment and medium based on RSA algorithm

Country Status (1)

Country Link
CN (1) CN116846558A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110830261A (en) * 2019-10-12 2020-02-21 平安普惠企业管理有限公司 Encryption method, device, computer equipment and storage medium
WO2020155758A1 (en) * 2019-01-28 2020-08-06 平安科技(深圳)有限公司 Data encryption transmission control method and device, computer apparatus, and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020155758A1 (en) * 2019-01-28 2020-08-06 平安科技(深圳)有限公司 Data encryption transmission control method and device, computer apparatus, and storage medium
CN110830261A (en) * 2019-10-12 2020-02-21 平安普惠企业管理有限公司 Encryption method, device, computer equipment and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
RÉMI GÉRAUD-STEWART,DAVID NACCACHE: "Elementary Attestation of Cryptographically Useful Composite Moduli", CRYPTOLOGY EPRINT ARCHIVES, pages 1 - 13 *

Similar Documents

Publication Publication Date Title
US7308097B2 (en) Digital signature and authentication method and apparatus
US7912216B2 (en) Elliptic curve cryptosystem optimization using two phase key generation
CA2768861C (en) Incorporating data into ecdsa signature component
CA2792267C (en) Verifying implicit certificates and digital signatures
JP5564053B2 (en) Method for generating encryption key, network and computer program
US8189771B2 (en) Hash functions with elliptic polynomial hopping
CA2305896C (en) Key validation scheme
CN112446052B (en) Aggregated signature method and system suitable for secret-related information system
KR20060104823A (en) Fast batch verification method and apparatus there-of
CN108337092B (en) Method and system for performing collective authentication in a communication network
Anada et al. RSA public keys with inside structure: Proofs of key generation and identities for web-of-trust
CN116346328A (en) Digital signature method, system, equipment and computer readable storage medium
GB2450574A (en) Batch verification of multiple signature data
CN116846558A (en) Data encryption method, system, electronic equipment and medium based on RSA algorithm
KR102364047B1 (en) Method and apparatus for public-key cryptography based on structured matrices
CN113708927A (en) Universal designated verifier signature certification system based on SM2 digital signature
US8150030B2 (en) Cryptographic hashing device and method
CN102394747B (en) Method for rapidly embedding plaintext on one point of elliptic curve
CN111711524A (en) Certificate-based lightweight outsourcing data auditing method
CN114584323B (en) Lattice-based proxy signature and verification method, device, equipment and storage medium
CN113114461B (en) N-time public key compression method for integer homomorphic encryption
Lieb et al. ECDSA and QUARTZ in Comparison with RSA
WO2024038028A1 (en) Improved blockchain system and method
CN117595984A (en) Verifiable random function construction method, device, equipment and medium based on SM2
CN117353934A (en) Verifiable random function construction method, device and equipment based on ECDSA

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination